15133993414

Committed 20 May 2025 09:30AM UTC coverage: 26.313% (-1.2%) from 27.493%

Build # 15133993414

Build Type

Pull #7161

github

Committed by

web-flow

Commit Message

Merge e2c03d45f into 5459ba375

Pull Request Pull Request #7161: fix(metadata): infer parameter string type from schema

Run Details

0 of 2 new or added lines in 1 file covered. (0.0%)

11019 existing lines in 363 files now uncovered.

12898 of 49018 relevant lines covered (26.31%)

34.33 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

90.48

/src/State/Util/RequestParser.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\State\Util;

use Symfony\Component\HttpFoundation\Request;

/**
 * Utility functions for working with Symfony's HttpFoundation request.
 *
 * @internal
 *
 * @author Teoh Han Hui <teohhanhui@gmail.com>
 * @author Vincent Chalamon <vincentchalamon@gmail.com>
 */
final class RequestParser
{
    private function __construct()
    {
    }

    /**
     * Parses request parameters from the specified source.
     *
     * @author Rok Kralj
     *
     * @see https://stackoverflow.com/a/18209799/1529493
     */
    public static function parseRequestParams(string $source): array
    {
        // '[' is urlencoded ('%5B') in the input, but we must urldecode it in order
        // to find it when replacing names with the regexp below.
        $source = str_replace('%5B', '[', $source);

        $source = preg_replace_callback(
            '/(^|(?<=&))[^=[&]+/',
            static fn ($key): string => bin2hex(urldecode($key[0])),
            $source
        );

        // parse_str urldecodes both keys and values in resulting array.
        parse_str($source, $params);

        return array_combine(array_map('hex2bin', array_keys($params)), $params);
    }

    /**
     * Generates the normalized query string for the Request.
     *
     * It builds a normalized query string, where keys/value pairs are alphabetized
     * and have consistent escaping.
     */
    public static function getQueryString(Request $request): ?string
    {
        $qs = $request->server->get('QUERY_STRING', '');
        if ('' === $qs) {
            return null;
        }

        $parts = [];

        foreach (explode('&', (string) $qs) as $param) {
            if ('' === $param || '=' === $param[0]) {
                // Ignore useless delimiters, e.g. "x=y&".
                // Also ignore pairs with empty key, even if there was a value, e.g. "=value", as such nameless values cannot be retrieved anyway.
                // PHP also does not include them when building _GET.
                continue;
            }

            $keyValuePair = explode('=', $param, 2);

            // GET parameters, that are submitted from a HTML form, encode spaces as "+" by default (as defined in enctype application/x-www-form-urlencoded).
            // PHP also converts "+" to spaces when filling the global _GET or when using the function parse_str. This is why we use urldecode and then normalize to
            // RFC 3986 with rawurlencode.
            $parts[] = isset($keyValuePair[1]) ?
                rawurlencode(urldecode($keyValuePair[0])).'='.rawurlencode(urldecode($keyValuePair[1])) :
                rawurlencode(urldecode($keyValuePair[0]));
        }

        return implode('&', $parts);
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\State\Util;
15
16	use Symfony\Component\HttpFoundation\Request;
17
18	/**
19	* Utility functions for working with Symfony's HttpFoundation request.
20	*
21	* @internal
22	*
23	* @author Teoh Han Hui <teohhanhui@gmail.com>
24	* @author Vincent Chalamon <vincentchalamon@gmail.com>
25	*/
26	final class RequestParser
27	{
28	private function __construct()
29	{
30	}	×
31
32	/**
33	* Parses request parameters from the specified source.
34	*
35	* @author Rok Kralj
36	*
37	* @see https://stackoverflow.com/a/18209799/1529493
38	*/
39	public static function parseRequestParams(string $source): array
40	{
41	// '[' is urlencoded ('%5B') in the input, but we must urldecode it in order
42	// to find it when replacing names with the regexp below.
UNCOV 43	$source = str_replace('%5B', '[', $source);	313✔
44
UNCOV 45	$source = preg_replace_callback(	313✔
UNCOV 46	'/(^\|(?<=&))[^=[&]+/',	313✔
UNCOV 47	static fn ($key): string => bin2hex(urldecode($key[0])),	313✔
UNCOV 48	$source	313✔
UNCOV 49	);	313✔
50
51	// parse_str urldecodes both keys and values in resulting array.
UNCOV 52	parse_str($source, $params);	313✔
53
UNCOV 54	return array_combine(array_map('hex2bin', array_keys($params)), $params);	313✔
55	}
56
57	/**
58	* Generates the normalized query string for the Request.
59	*
60	* It builds a normalized query string, where keys/value pairs are alphabetized
61	* and have consistent escaping.
62	*/
63	public static function getQueryString(Request $request): ?string
64	{
UNCOV 65	$qs = $request->server->get('QUERY_STRING', '');	799✔
UNCOV 66	if ('' === $qs) {	799✔
UNCOV 67	return null;	489✔
68	}
69
UNCOV 70	$parts = [];	313✔
71
UNCOV 72	foreach (explode('&', (string) $qs) as $param) {	313✔
UNCOV 73	if ('' === $param \|\| '=' === $param[0]) {	313✔
74	// Ignore useless delimiters, e.g. "x=y&".
75	// Also ignore pairs with empty key, even if there was a value, e.g. "=value", as such nameless values cannot be retrieved anyway.
76	// PHP also does not include them when building _GET.
77	continue;	×
78	}
79
UNCOV 80	$keyValuePair = explode('=', $param, 2);	313✔
81
82	// GET parameters, that are submitted from a HTML form, encode spaces as "+" by default (as defined in enctype application/x-www-form-urlencoded).
83	// PHP also converts "+" to spaces when filling the global _GET or when using the function parse_str. This is why we use urldecode and then normalize to
84	// RFC 3986 with rawurlencode.
UNCOV 85	$parts[] = isset($keyValuePair[1]) ?	313✔
UNCOV 86	rawurlencode(urldecode($keyValuePair[0])).'='.rawurlencode(urldecode($keyValuePair[1])) :	309✔
UNCOV 87	rawurlencode(urldecode($keyValuePair[0]));	13✔
88	}
89
UNCOV 90	return implode('&', $parts);	313✔
91	}
92	}

api-platform / core / 15133993414

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous